Nom du paquet
virtualbox
Date
2009-01-14
Advisory ID
MDVSA-2009:011
Affected versions
2009.0 x86_64 , 2008.0 i586 , 2009.0 i586 , 2008.0 x86_64 , 2008.1 x86_64 , 2008.1 i586

Problem description

A vulnerability have been discovered and corrected in VirtualBox,
affecting versions prior to 2.0.6, which allows local users
to overwrite arbitrary files via a symlink attack on a
/tmp/.vbox-qateam-ipc/lock temporary file (CVE-2008-5256).

The updated packages have been patched to prevent this.

Updated packages

2009.0 x86_64

 667f19d7803c5eb163364ce221b367be  2009.0/x86_64/dkms-vboxadd-2.0.2-2.1mdv2009.0.x86_64.rpm
 e4439eb5b8a5ef7e09924989058a69b8  2009.0/x86_64/dkms-vboxvfs-2.0.2-2.1mdv2009.0.x86_64.rpm
 3da3bc075de10484211b0da29a0a14cc  2009.0/x86_64/dkms-virtualbox-2.0.2-2.1mdv2009.0.x86_64.rpm
 1aba902daf9019cbcf4e62e8a64d0a82  2009.0/x86_64/virtualbox-2.0.2-2.1mdv2009.0.x86_64.rpm
 da486be54760b618a3d84e23c3ad067e  2009.0/x86_64/virtualbox-guest-additions-2.0.2-2.1mdv2009.0.x86_64.rpm
 a3adf7c94132553f43dc6a0cd765bcc8  2009.0/x86_64/x11-driver-input-vboxmouse-2.0.2-2.1mdv2009.0.x86_64.rpm
 ca82cc1b8e6b5d85d1a7601a37367562  2009.0/x86_64/x11-driver-video-vboxvideo-2.0.2-2.1mdv2009.0.x86_64.rpm 
 93f4904d403da2dd75ca4d444d298846  2009.0/SRPMS/virtualbox-2.0.2-2.1mdv2009.0.src.rpm

2008.0 i586

 0faad982e37288846205d6d33d590ee1  2008.0/i586/dkms-vboxadd-1.5.0-6.1mdv2008.0.i586.rpm
 ec69afc3908bd606bae77b8422e39558  2008.0/i586/dkms-vboxvfs-1.5.0-6.1mdv2008.0.i586.rpm
 c27d1bd07d9dc67f4cefbdf33472acca  2008.0/i586/dkms-virtualbox-1.5.0-6.1mdv2008.0.i586.rpm
 9964702ee96bcf6c6edf0c31835d20e7  2008.0/i586/virtualbox-1.5.0-6.1mdv2008.0.i586.rpm
 435eb23fb1847074783ee59f21afa05d  2008.0/i586/virtualbox-guest-additions-1.5.0-6.1mdv2008.0.i586.rpm
 dbf4cd4d51e6690ed54a01751d7eb6e3  2008.0/i586/x11-driver-input-vboxmouse-1.5.0-6.1mdv2008.0.i586.rpm
 89984e4e53d3eda593e1a384b97acd14  2008.0/i586/x11-driver-video-vboxvideo-1.5.0-6.1mdv2008.0.i586.rpm 
 d0edb2542a83e4ab966bb9990b9c3a88  2008.0/SRPMS/virtualbox-1.5.0-6.1mdv2008.0.src.rpm

2009.0 i586

 53e13912d97abe5b7044887eab1028fd  2009.0/i586/dkms-vboxadd-2.0.2-2.1mdv2009.0.i586.rpm
 9441661b095cf9c65c50c3a81f1fb89b  2009.0/i586/dkms-vboxvfs-2.0.2-2.1mdv2009.0.i586.rpm
 2977fa2971f66d6b554ab73f03b80ba6  2009.0/i586/dkms-virtualbox-2.0.2-2.1mdv2009.0.i586.rpm
 acddf8b8a168c148f1f5e7a548a610bd  2009.0/i586/virtualbox-2.0.2-2.1mdv2009.0.i586.rpm
 edfc2bc624a87ab96f238345fbe38529  2009.0/i586/virtualbox-guest-additions-2.0.2-2.1mdv2009.0.i586.rpm
 e3650d3c5fedb2dccdc4a2e108414b95  2009.0/i586/x11-driver-input-vboxmouse-2.0.2-2.1mdv2009.0.i586.rpm
 6d28714532427680f82c86fe34fee3e0  2009.0/i586/x11-driver-video-vboxvideo-2.0.2-2.1mdv2009.0.i586.rpm 
 93f4904d403da2dd75ca4d444d298846  2009.0/SRPMS/virtualbox-2.0.2-2.1mdv2009.0.src.rpm

2008.0 x86_64

 0bfb5b9d8c8a16f1e04fd490e6379e63  2008.0/x86_64/dkms-virtualbox-1.5.0-6.1mdv2008.0.x86_64.rpm
 3bc3251552c50c2ba8270a69c5f353d7  2008.0/x86_64/virtualbox-1.5.0-6.1mdv2008.0.x86_64.rpm 
 d0edb2542a83e4ab966bb9990b9c3a88  2008.0/SRPMS/virtualbox-1.5.0-6.1mdv2008.0.src.rpm

2008.1 x86_64

 4d261638ff0134079fa6c52d0a368664  2008.1/x86_64/dkms-virtualbox-1.5.6-1.1mdv2008.1.x86_64.rpm
 6ccec4ff2f35d1308f73e10679651ce0  2008.1/x86_64/virtualbox-1.5.6-1.1mdv2008.1.x86_64.rpm 
 6c18b42e2ff43d79009dedc817fa19e9  2008.1/SRPMS/virtualbox-1.5.6-1.1mdv2008.1.src.rpm

2008.1 i586

 c4e028f64685550f1b54d658cac8033c  2008.1/i586/dkms-vboxadd-1.5.6-1.1mdv2008.1.i586.rpm
 0ba02b82975789a2e074562c266e3880  2008.1/i586/dkms-vboxvfs-1.5.6-1.1mdv2008.1.i586.rpm
 91fb1e876d76370c40f2bc20271dcdbb  2008.1/i586/dkms-virtualbox-1.5.6-1.1mdv2008.1.i586.rpm
 42dd201c14fab3dd1ff218969f88612c  2008.1/i586/virtualbox-1.5.6-1.1mdv2008.1.i586.rpm
 5feeef63896de6093cdd6365258df60d  2008.1/i586/virtualbox-guest-additions-1.5.6-1.1mdv2008.1.i586.rpm
 3d3fc94cb178e2a6853679f01f7f4198  2008.1/i586/x11-driver-input-vboxmouse-1.5.6-1.1mdv2008.1.i586.rpm
 79b78be2abe7b3a6d8e95d547139afa4  2008.1/i586/x11-driver-video-vboxvideo-1.5.6-1.1mdv2008.1.i586.rpm 
 6c18b42e2ff43d79009dedc817fa19e9  2008.1/SRPMS/virtualbox-1.5.6-1.1mdv2008.1.src.rpm

References